def test_lsa_LookupNames4_multiple_conns(self): """ Test by going back and forward between real DB lookups name->sid->name to ensure the sam.ldb handle is fine once shared """ machine_creds = Credentials() machine_creds.guess(self.lp) machine_creds.set_machine_account() c_normal = lsa.lsarpc( "ncacn_np:%s[seal]" % self.server, self.lp, machine_creds) username, domain = c_normal.GetUserName(None, None, None) c = lsa.lsarpc( "ncacn_ip_tcp:%s[schannel,seal]" % self.server, self.lp, machine_creds) sids = lsa.TransSidArray3() names = [username] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 (domains, sids, count) = c.LookupNames4(names, sids, level, count, lookup_options, client_revision) c = lsa.lsarpc( "ncacn_ip_tcp:%s[schannel,seal]" % self.server, self.lp, machine_creds) sids = lsa.TransSidArray3() names = [username] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 (domains, sids, count) = c.LookupNames4(names, sids, level, count, lookup_options, client_revision)
def test_lsa_LookupNames4_without_schannel(self): machine_creds = Credentials() machine_creds.guess(self.lp) machine_creds.set_machine_account() c_normal = lsa.lsarpc( "ncacn_np:%s[seal]" % self.server, self.lp, machine_creds) username, domain = c_normal.GetUserName(None, None, None) sids = lsa.TransSidArray3() names = [username] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 with self.assertRaises(NTSTATUSError) as e: c_normal.LookupNames4(names, sids, level, count, lookup_options, client_revision) if (e.exception.args[0] != NT_STATUS_ACCESS_DENIED): raise AssertionError("LookupNames4 without schannel must fail with ACCESS_DENIED")
def packet_lsarpc_77(packet, conversation, context): # lsa_LookupNames4 c = context.get_lsarpc_connection() sids = lsa.TransSidArray3() names = [lsa.String("This Organization"), lsa.String("Digest Authentication")] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 c.LookupNames4(names, sids, level, count, lookup_options, client_revision) return True
def packet_lsarpc_77(packet, conversation, context): # lsa_LookupNames4 c = context.get_lsarpc_connection() sids = lsa.TransSidArray3() names = [ lsa.String("This Organization"), lsa.String("Digest Authentication") ] level = 5 count = 0 lookup_options = 0 client_revision = 2 c.LookupNames4(names, sids, level, count, lookup_options, client_revision) return True
def test_lsa_LookupNames4_LookupSids3_multiple(self): """ Test by going back and forward between real DB lookups name->sid->name to ensure the sam.ldb handle is fine once shared """ machine_creds = Credentials() machine_creds.guess(self.lp) machine_creds.set_machine_account() c_normal = lsa.lsarpc( "ncacn_np:%s[seal]" % self.server, self.lp, machine_creds) username, domain = c_normal.GetUserName(None, None, None) c = lsa.lsarpc( "ncacn_ip_tcp:%s[schannel,seal]" % self.server, self.lp, machine_creds) sids = lsa.TransSidArray3() names = [username] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 (domains, sids, count) = c.LookupNames4(names, sids, level, count, lookup_options, client_revision) # Another lookup on the same connection, will re-used the # server-side implicit state handle on the connection (domains, sids, count) = c.LookupNames4(names, sids, level, count, lookup_options, client_revision) self.assertEqual(count, 1) self.assertEqual(sids.count, 1) # Now look the SIDs back up names = lsa.TransNameArray2() sid = lsa.SidPtr() sid.sid = sids.sids[0].sid lookup_sids = lsa.SidArray() lookup_sids.sids = [sid] lookup_sids.num_sids = 1 level = lsa.LSA_LOOKUP_NAMES_ALL count = 1 lookup_options = 0 client_revision = lsa.LSA_CLIENT_REVISION_2 (domains, names, count) = c.LookupSids3(lookup_sids, names, level, count, lookup_options, client_revision) self.assertEqual(count, 1) self.assertEqual(names.count, 1) self.assertEqual(names.names[0].name.string, username.string) # And once more just to be sure, just checking for a fault sids = lsa.TransSidArray3() names = [username] level = lsa.LSA_LOOKUP_NAMES_ALL count = 0 lookup_options = lsa.LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES client_revision = lsa.LSA_CLIENT_REVISION_2 (domains, sids, count) = c.LookupNames4(names, sids, level, count, lookup_options, client_revision)